16 of 16 Permanent MITRE ATT&CK Jobs in London

conduct forensic analysis across endpoints, networks, cloud, and SaaS. Integrate threat intelligence into investigations (e.g., enrich IOCs, map activity to MITRE ATT&CK, identify likely threat actors/TTPs, and assess potential impact). Understand the threat landscape through collaboration with industry peers, FS-ISAC … legal/compliance requirements. Required Qualifications Working knowledge of common cyber attacks, tools, and attacker tradecraft; ability to map activity to MITRE ATT&CK and articulate likely TTPs. Demonstrated experience handling security events in critical environments and applying intelligence to accelerate triage and response. Experience ...

cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules to improve signal-to-noise ratio Validate detection logic through simulations, threat emulation … platforms and query languages (e.g. SPL, KQL) Solid understanding of detection engineering principles, data modelling, and regex Proven experience working with MITRE ATT&CK and threat-informed defence strategies Ability to design scalable and maintainable detection content in complex environments Strong documentation and stakeholder communication ...

cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules to improve signal-to-noise ratio Validate detection logic through simulations, threat emulation … platforms and query languages (e.g. SPL, KQL) Solid understanding of detection engineering principles, data modelling, and regex Proven experience working with MITRE ATT&CK and threat-informed defence strategies Ability to design scalable and maintainable detection content in complex environments Strong documentation and stakeholder communication ...

cases across SIEM and SOAR platforms using threat intelligence and incident data Develop, map, and maintain detection logic aligned to MITRE ATT&CK frameworks Continuously tune and optimise correlation rules to improve signal-to-noise ratio Validate detection logic through simulations, threat emulation … platforms and query languages (e.g. SPL, KQL) Solid understanding of detection engineering principles, data modelling, and regex Proven experience working with MITRE ATT&CK and threat-informed defence strategies Ability to design scalable and maintainable detection content in complex environments Strong documentation and stakeholder communication ...

optimise complex queries to support threat detection, proactive threat hunting, and anomaly identification Map detection logic to adversary behaviours using the MITRE ATT&CK Framework, ensuring effective coverage of tactics, techniques, and procedures Work with the wider Splunk ecosystem, including tools like TrackMe, and contribute ...

professionals, with demonstrated ability to develop talent and drive team performance • Deep expertise in threat intelligence platforms and frameworks such as MITRE ATT&CK, with experience using Google SecOps, Wiz, and Recorded Future for threat analysis and intelligence gathering • Strong knowledge of financial services threat ...

Sentinel Familiarity with Microsoft Defender tools (Endpoint & O365) Exposure to Azure cloud logging and Kubernetes environments Knowledge of attacker TTPs and MITRE ATT&CK frameworks Proactive, collaborative, and innovative mindset Desirable/Nice-to-Have: Experience with Python , Terraform , or CI/CD pipelines Familiarity ...

Sentinel Familiarity with Microsoft Defender tools (Endpoint & O365) Exposure to Azure cloud logging and Kubernetes environments Knowledge of attacker TTPs and MITRE ATT&CK frameworks Proactive, collaborative, and innovative mindset Desirable/Nice-to-Have: Experience with Python , Terraform , or CI/CD pipelines Familiarity ...

effective security controls aligned with business requirements using a risk-based approach. Familiarity with application attack tactics and techniques, including the MITRE ATT&CK framework, and security maturity models such as OpenSAMM and C2M2. Strong working knowledge of recognised security frameworks and standards, including NIST ...

managing Splunk Enterprise Security (ES). Technical Breadth: Strong understanding of network protocols, cloud security (AWS/Azure), and the MITRE ATT&CK framework. Additional Skills: Experience with Vulnerability Assessment (VA) tools, Penetration Testing, and Web Application Testing is a significant bonus. Desired Qualifications: Mandatory ...

Splunk Enterprise Security (ES) Splunk Certified Cybersecurity Defence Engineer (MANDATORY) Strong understanding of: Network security & protocols Cloud security (AWS/Azure) MITRE ATT&CK framework Desirable Experience Vulnerability Assessment tools (2+ years preferred) Exposure to Penetration Testing/Web Application Testing Experience developing security policies ...

Familiarity with SIEM platforms and security telemetry analysis Understanding of cloud security concepts (Azure, AWS, or GCP) Desirable Skills Knowledge of MITRE ATT&CK or Cyber Kill Chain frameworks Exposure to SaaS and cloud-native security tooling Experience with scripting or query languages (e.g. ...

environments - Security automation and IaC: Python, PowerShell, Terraform, Bicep, or Sentinel analytics rules - you codify controls, you do not document them - MITRE ATT&CK coverage mapping; threat hunting, adversary emulation, and proactive gap analysis against realistic TTPs - Cloud infrastructure - Azure preferred, AWS considered; IAM, managed ...

tools Experience supporting audits, certifications and compliance frameworks including ISO 27001, SOC 2 and NIST Knowledge of security methodologies such as MITRE ATT&CK Excellent communication and stakeholder management skills Experience operating within high-growth or evolving organisations French language skills would be advantageous This ...

with EDR or XDR tools such as Microsoft Defender, CrowdStrike or SentinelOne. * Knowledge of common attacker techniques and frameworks such as MITRE ATT&CK. Security Operations Engineer In accordance with the Employment Agencies and Employment Businesses Regulations 2003, this position is advertised based upon DGH Recruitment Limited ...

human identity abuse, and multi-agent attack surfaces. Understanding of EU AI Act, NCSC AI security guidelines, OWASP GenAI Security Project, and MITRE ATLAS. Ideally involved in academic and/or industry research on AI Security Leadership behaviours: Strategic thinking: able to translate fast-moving threat intelligence into ...